Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 443

What is the purpose of CA in a PKI?

Answer options

• A. to validate the authenticity of a digital certificate
• B. to issue and revoke digital certificates
• C. to certify the ownership of a public key by the named subject
• D. to create the private key for a digital certificate

Correct answer: B

Explanation

The correct answer is B, as the Certificate Authority is responsible for issuing and revoking digital certificates, ensuring their lifecycle is managed. Option A is incorrect because while CAs validate authenticity, their primary role involves issuance and revocation. Option C is misleading as it describes part of the CA's function but does not encompass the entire scope. Option D is incorrect since CAs do not create private keys; users generate their own private keys.